Log out
Get PRO

Latest

Input validation vulnerability in File Renaming on Upload 2.5.1

  • Severity: medium-risk
  • Status: Fixed
  • Publication: May 25, 2023

The File Renaming on Upload plugin for WordPress is vulnerable to a type of attack called Stored Cross-Site Scripting. This type of attack can allow someone with administrator-level permissions to insert malicious web scripts in pages. When a user accesses the page, the malicious script will execute. This type of vulnerability only affects multi-site installations and installations where certain security measures have been disabled. The vulnerable versions of the plugin are up to and including 2.5.1, and the vulnerability is caused by insufficient input sanitization and output escaping.

Detected in:

File Renaming on Upload fixed vulnerable versions: >= * <= 2.5.1
Rename Media Files: Improve Your WordPress SEO fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.